We received the file INTELIWEBSVC.DLL and detected that INTELIWEBSVC.DLL is not good.
INTELIWEBSVC.DLL is Adware. You should remove the file INTELIWEBSVC.DLL.
Kill the process INTELIWEBSVC.DLL and remove INTELIWEBSVC.DLL from Windows.
Malware Analysis of INTELIWEBSVC.DLL
Full path on a computer: %Common Appdata%\InteliWeb\InteliWebSvc.dll
Detected by UnHackMe:
INTELIWEBSVC.DLL
Default location: %Common Appdata%\InteliWeb\InteliWebSvc.dll
Removal Results: Success
Number of reboot: 1
INTELIWEBSVC.DLL is known as:
Adware.SProtector
INTELIWEBSVC.DLL hash:
- MD5: 66e7278c4ce9fdedab811f763fb0670b
The file tries to connect to the dangerous web site.
How to quickly detect INTELIWEBSVC.DLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4701095d}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTELI~1\INTELI~1.DLL”,_uninstall /un”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4701095d}\DisplayName: “InteliWeb”
- HKLM\System\CurrentControlSet\Services\4701095d\ImagePath: “”%SysDir%\rundll32.exe” “c:\docume~1\alluse~1\applic~1\inteli~1\InteliWebSvc.dll”,service”
- HKLM\System\CurrentControlSet\Services\4701095d\DisplayName: “InteliWeb”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “c:\docume~1\alluse~1\applic~1\inteli~1\inteli~1.dll”
Folders:- %Common Appdata%\InteliWeb
Files:- %Temp%\__tmp_2c6f7bea
- %Common Appdata%\InteliWeb\InteliWeb.dll
- %Common Appdata%\InteliWeb\InteliWebSvc.dll